In 2010, I used a Cisco EA2700 router behind an AT&T gateway, with the remote update turned off, and MAC address filtering for only three devices, two general purpose computing "towers," and an iPod.
While using this implementation, I began to theorize a Virtual environment, where a virtual router controls access to other (possibly even "virtual") machines. I speculated that this would make penetration harder, by specifying the (updatable) MAC address of the virtual router as the only device authorized to pass traffic to the WAN, at the hardware router. Admins could still telnet in, to manage the virtual router, using the IP address and password, (such as managing whitelists and blacklists.) One could also specify MAC address filtering within the virtual environment. It's obligatory to suggest that the virtual router is a different firmware model than the physical router.
This might compare or contrast to a Bluetooth type pairing and bonding protocol.
I think it actually improves things.
No comments:
Post a Comment